Abstract
In the past two decades, the unprecedented incursion of technology into the economic and socio-cultural activities in Nigeria increasingly posed many unanswered questions on data protection and privacy. Consequently, this led to the country’s numerous attempts to enact a principal data protection legislation in addition to the existing sectoral laws on the subject. Despite its ratification of the Economic Community of West African States (ECOWAS) Supplementary Act on data protection in 2010, Nigeria carried on without a general data protection legislation until nine years later when the National Information Technology Development Agency (NITDA), in a face-saving regulatory move, issued the Nigeria Data Protection Regulation (NDPR) as Nigeria’s first all-encompassing and comprehensive, albeit subsidiary legislation on data protection. This article provides an analytical synopsis of Nigeria’s current legal framework on data protection touching its brief history, the general and sectoral enactments on data protection, the enforcement mechanism created under the NDPR as well as the Implementation Framework issued in the mould of guidance notes.
Highlights
Nigeria has had subsidiary data protection legislation for over two years but its legal framework around the subject lacks holistic academic appraisal to date
This article provides an analytical synopsis of Nigeria’s current legal framework on data protection touching its brief history, the general and sectoral enactments on data protection, the enforcement mechanism created under the Nigeria Data Protection Regulation[1] (NDPR) as well as the Implementation Framework issued in the mould of guidance notes
This article is divided into four main sections: the first briefly gives a background of data protection in Nigeria by capturing the legislative and administrative trajectory enroute the issuance of NDPR4 while the section focuses on Nigeria’s legal and regulatory regime on data protection by introducing the relevant international instruments and municipal statutory provisions under the general and sector-specific enactments duly passed by the parliament or released by public bodies during the pre- and post-NDPR issuance
Summary
In the past two decades, the unprecedented incursion of technology into the economic and socio-cultural activities in Nigeria increasingly posed many unanswered questions on data protection and privacy. This led to the country’s numerous attempts to enact a principal data protection legislation in addition to the existing sectoral laws on the subject. Despite its ratification of the Economic Community of West African States (ECOWAS) Supplementary Act on data protection in 2010, Nigeria carried on without a general data protection legislation until nine years later when the National Information Technology Development Agency (NITDA), in a face-saving regulatory move, issued the Nigeria Data Protection Regulation (NDPR) as Nigeria’s first all-encompassing and comprehensive, albeit subsidiary legislation on data protection. This article provides an analytical synopsis of Nigeria’s current legal framework on data protection touching its brief history, the general and sectoral enactments on data protection, the enforcement mechanism created under the NDPR as well as the Implementation Framework issued in the mould of guidance notes
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
